@poolzin/pool-bot 2026.2.0 → 2026.2.2

package/dist/auto-reply/reply/commands-ptt.js

@@ -0,0 +1,171 @@
+import { callGateway, randomIdempotencyKey } from "../../gateway/call.js";
+import { logVerbose } from "../../globals.js";
+const PTT_COMMANDS = {
+    start: "talk.ptt.start",
+    stop: "talk.ptt.stop",
+    once: "talk.ptt.once",
+    cancel: "talk.ptt.cancel",
+};
+function normalizeNodeKey(value) {
+    return value
+        .toLowerCase()
+        .replace(/[^a-z0-9]+/g, "-")
+        .replace(/^-+/, "")
+        .replace(/-+$/, "");
+}
+function isIOSNode(node) {
+    const platform = node.platform?.toLowerCase() ?? "";
+    const family = node.deviceFamily?.toLowerCase() ?? "";
+    return (platform.startsWith("ios") ||
+        family.includes("iphone") ||
+        family.includes("ipad") ||
+        family.includes("ios"));
+}
+async function loadNodes(cfg) {
+    try {
+        const res = await callGateway({
+            method: "node.list",
+            params: {},
+            config: cfg,
+        });
+        return Array.isArray(res.nodes) ? res.nodes : [];
+    }
+    catch {
+        const res = await callGateway({
+            method: "node.pair.list",
+            params: {},
+            config: cfg,
+        });
+        return Array.isArray(res.paired) ? res.paired : [];
+    }
+}
+function describeNodes(nodes) {
+    return nodes
+        .map((node) => node.displayName || node.remoteIp || node.nodeId)
+        .filter(Boolean)
+        .join(", ");
+}
+function resolveNodeId(nodes, query) {
+    const trimmed = String(query ?? "").trim();
+    if (trimmed) {
+        const qNorm = normalizeNodeKey(trimmed);
+        const matches = nodes.filter((node) => {
+            if (node.nodeId === trimmed) {
+                return true;
+            }
+            if (typeof node.remoteIp === "string" && node.remoteIp === trimmed) {
+                return true;
+            }
+            const name = typeof node.displayName === "string" ? node.displayName : "";
+            if (name && normalizeNodeKey(name) === qNorm) {
+                return true;
+            }
+            if (trimmed.length >= 6 && node.nodeId.startsWith(trimmed)) {
+                return true;
+            }
+            return false;
+        });
+        if (matches.length === 1) {
+            return matches[0].nodeId;
+        }
+        const known = describeNodes(nodes);
+        if (matches.length === 0) {
+            throw new Error(`unknown node: ${trimmed}${known ? ` (known: ${known})` : ""}`);
+        }
+        throw new Error(`ambiguous node: ${trimmed} (matches: ${matches
+            .map((node) => node.displayName || node.remoteIp || node.nodeId)
+            .join(", ")})`);
+    }
+    const iosNodes = nodes.filter(isIOSNode);
+    const iosConnected = iosNodes.filter((node) => node.connected);
+    const iosCandidates = iosConnected.length > 0 ? iosConnected : iosNodes;
+    if (iosCandidates.length === 1) {
+        return iosCandidates[0].nodeId;
+    }
+    if (iosCandidates.length > 1) {
+        throw new Error(`multiple iOS nodes found (${describeNodes(iosCandidates)}); specify node=<id>`);
+    }
+    const connected = nodes.filter((node) => node.connected);
+    const fallback = connected.length > 0 ? connected : nodes;
+    if (fallback.length === 1) {
+        return fallback[0].nodeId;
+    }
+    const known = describeNodes(nodes);
+    throw new Error(`node required${known ? ` (known: ${known})` : ""}`);
+}
+function parsePTTArgs(commandBody) {
+    const tokens = commandBody.trim().split(/\s+/).slice(1);
+    let action;
+    let node;
+    for (const token of tokens) {
+        if (!token) {
+            continue;
+        }
+        if (token.toLowerCase().startsWith("node=")) {
+            node = token.slice("node=".length);
+            continue;
+        }
+        if (!action) {
+            action = token;
+        }
+    }
+    return { action, node };
+}
+function buildPTTHelpText() {
+    return [
+        "Usage: /ptt <start|stop|once|cancel> [node=<id>]",
+        "Example: /ptt once node=iphone",
+    ].join("\n");
+}
+export const handlePTTCommand = async (params, allowTextCommands) => {
+    if (!allowTextCommands) {
+        return null;
+    }
+    const { command, cfg } = params;
+    const normalized = command.commandBodyNormalized.trim();
+    if (!normalized.startsWith("/ptt")) {
+        return null;
+    }
+    if (!command.isAuthorizedSender) {
+        logVerbose(`Ignoring /ptt from unauthorized sender: ${command.senderId || "<unknown>"}`);
+        return { shouldContinue: false, reply: { text: "PTT requires an authorized sender." } };
+    }
+    const parsed = parsePTTArgs(normalized);
+    const actionKey = parsed.action?.trim().toLowerCase() ?? "";
+    const commandId = PTT_COMMANDS[actionKey];
+    if (!commandId) {
+        return { shouldContinue: false, reply: { text: buildPTTHelpText() } };
+    }
+    try {
+        const nodes = await loadNodes(cfg);
+        const nodeId = resolveNodeId(nodes, parsed.node);
+        const invokeParams = {
+            nodeId,
+            command: commandId,
+            params: {},
+            idempotencyKey: randomIdempotencyKey(),
+            timeoutMs: 15_000,
+        };
+        const res = await callGateway({
+            method: "node.invoke",
+            params: invokeParams,
+            config: cfg,
+        });
+        const payload = res.payload && typeof res.payload === "object" ? res.payload : {};
+        const lines = [`PTT ${actionKey} → ${nodeId}`];
+        if (typeof payload.status === "string") {
+            lines.push(`status: ${payload.status}`);
+        }
+        if (typeof payload.captureId === "string") {
+            lines.push(`captureId: ${payload.captureId}`);
+        }
+        if (typeof payload.transcript === "string" && payload.transcript.trim()) {
+            lines.push(`transcript: ${payload.transcript}`);
+        }
+        return { shouldContinue: false, reply: { text: lines.join("\n") } };
+    }
+    catch (err) {
+        const message = err instanceof Error ? err.message : String(err);
+        return { shouldContinue: false, reply: { text: `PTT failed: ${message}` } };
+    }
+};

package/dist/auto-reply/reply/get-reply-run.js

@@ -118,7 +118,7 @@ export async function runPreparedReply(params) {
     const prefixedBody = [threadStarterNote, prefixedBodyBase].filter(Boolean).join("\n\n");
     const mediaNote = buildInboundMediaNote(ctx);
     const mediaReplyHint = mediaNote
-        ? "To send an image back, prefer the message tool (media/path/filePath). If you must inline, use MEDIA:/path or MEDIA:https://example.com/image.jpg (spaces ok, quote if needed). Keep caption in the text body."
+        ? "To send an image back, prefer the message tool (media/path/filePath). If you must inline, use MEDIA:https://example.com/image.jpg (spaces ok, quote if needed) or a safe relative path like MEDIA:./image.jpg. Avoid absolute paths (MEDIA:/...) and ~ paths — they are blocked for security. Keep caption in the text body."
         : undefined;
     let prefixedCommandBody = mediaNote
         ? [mediaNote, mediaReplyHint, prefixedBody ?? ""].filter(Boolean).join("\n").trim()
@@ -242,6 +242,7 @@ export async function runPreparedReply(params) {
             senderName: sessionCtx.SenderName?.trim() || undefined,
             senderUsername: sessionCtx.SenderUsername?.trim() || undefined,
             senderE164: sessionCtx.SenderE164?.trim() || undefined,
+            senderIsOwner: command.senderIsOwner,
             sessionFile,
             workspaceDir,
             config: cfg,

package/dist/auto-reply/reply/inbound-context.js

@@ -24,7 +24,11 @@ export function finalizeInboundContext(ctx, opts = {}) {
     }
     const bodyForAgentSource = opts.forceBodyForAgent
         ? normalized.Body
-        : (normalized.BodyForAgent ?? normalized.Body);
+        : (normalized.BodyForAgent ??
+            // Prefer "clean" text over legacy envelope-shaped Body when upstream forgets to set BodyForAgent.
+            normalized.CommandBody ??
+            normalized.RawBody ??
+            normalized.Body);
     normalized.BodyForAgent = normalizeInboundTextNewlines(bodyForAgentSource);
     const bodyForCommandsSource = opts.forceBodyForCommands
         ? (normalized.CommandBody ?? normalized.RawBody ?? normalized.Body)

package/dist/auto-reply/reply/mentions.js

@@ -73,7 +73,7 @@ export function matchesMentionWithExplicit(params) {
     const explicitAvailable = params.explicit?.canResolveExplicit === true;
     const hasAnyMention = params.explicit?.hasAnyMention === true;
     if (hasAnyMention && explicitAvailable)
-        return explicit;
+        return explicit || params.mentionRegexes.some((re) => re.test(cleaned));
     if (!cleaned)
         return explicit;
     return explicit || params.mentionRegexes.some((re) => re.test(cleaned));

package/dist/auto-reply/reply/model-selection.js

@@ -65,7 +65,7 @@ function resolveParentSessionKeyCandidate(params) {
         return derived;
     return null;
 }
-function resolveStoredModelOverride(params) {
+export function resolveStoredModelOverride(params) {
     const direct = resolveModelOverrideFromEntry(params.sessionEntry);
     if (direct)
         return { ...direct, source: "session" };
@@ -327,9 +327,9 @@ export function resolveModelDirectiveSelection(params) {
                 defaultProvider,
                 defaultModel,
             });
-            return { candidate, ...details };
+            return Object.assign({ candidate }, details);
         })
-            .sort((a, b) => {
+            .toSorted((a, b) => {
             if (b.score !== a.score)
                 return b.score - a.score;
             if (a.isDefault !== b.isDefault)

package/dist/auto-reply/thinking.js

@@ -1,9 +1,11 @@
 function normalizeProviderId(provider) {
-    if (!provider)
+    if (!provider) {
         return "";
+    }
     const normalized = provider.trim().toLowerCase();
-    if (normalized === "z.ai" || normalized === "z-ai")
+    if (normalized === "z.ai" || normalized === "z-ai") {
         return "zai";
+    }
     return normalized;
 }
 export function isBinaryThinkingProvider(provider) {
@@ -11,38 +13,52 @@ export function isBinaryThinkingProvider(provider) {
 }
 export const XHIGH_MODEL_REFS = [
     "openai/gpt-5.2",
+    "openai-codex/gpt-5.3-codex",
     "openai-codex/gpt-5.2-codex",
     "openai-codex/gpt-5.1-codex",
+    "github-copilot/gpt-5.2-codex",
+    "github-copilot/gpt-5.2",
 ];
 const XHIGH_MODEL_SET = new Set(XHIGH_MODEL_REFS.map((entry) => entry.toLowerCase()));
 const XHIGH_MODEL_IDS = new Set(XHIGH_MODEL_REFS.map((entry) => entry.split("/")[1]?.toLowerCase()).filter((entry) => Boolean(entry)));
 // Normalize user-provided thinking level strings to the canonical enum.
 export function normalizeThinkLevel(raw) {
-    if (!raw)
+    if (!raw) {
         return undefined;
-    const key = raw.toLowerCase();
-    if (["off"].includes(key))
+    }
+    const key = raw.trim().toLowerCase();
+    const collapsed = key.replace(/[\s_-]+/g, "");
+    if (collapsed === "xhigh" || collapsed === "extrahigh") {
+        return "xhigh";
+    }
+    if (["off"].includes(key)) {
         return "off";
-    if (["on", "enable", "enabled"].includes(key))
+    }
+    if (["on", "enable", "enabled"].includes(key)) {
         return "low";
-    if (["min", "minimal"].includes(key))
+    }
+    if (["min", "minimal"].includes(key)) {
         return "minimal";
-    if (["low", "thinkhard", "think-hard", "think_hard"].includes(key))
+    }
+    if (["low", "thinkhard", "think-hard", "think_hard"].includes(key)) {
         return "low";
-    if (["mid", "med", "medium", "thinkharder", "think-harder", "harder"].includes(key))
+    }
+    if (["mid", "med", "medium", "thinkharder", "think-harder", "harder"].includes(key)) {
         return "medium";
-    if (["high", "ultra", "ultrathink", "think-hard", "thinkhardest", "highest", "max"].includes(key))
+    }
+    if (["high", "ultra", "ultrathink", "think-hard", "thinkhardest", "highest", "max"].includes(key)) {
         return "high";
-    if (["xhigh", "x-high", "x_high"].includes(key))
-        return "xhigh";
-    if (["think"].includes(key))
+    }
+    if (["think"].includes(key)) {
         return "minimal";
+    }
     return undefined;
 }
 export function supportsXHighThinking(provider, model) {
     const modelKey = model?.trim().toLowerCase();
-    if (!modelKey)
+    if (!modelKey) {
         return false;
+    }
     const providerKey = provider?.trim().toLowerCase();
     if (providerKey) {
         return XHIGH_MODEL_SET.has(`${providerKey}/${modelKey}`);
@@ -51,13 +67,15 @@ export function supportsXHighThinking(provider, model) {
 }
 export function listThinkingLevels(provider, model) {
     const levels = ["off", "minimal", "low", "medium", "high"];
-    if (supportsXHighThinking(provider, model))
+    if (supportsXHighThinking(provider, model)) {
         levels.push("xhigh");
+    }
     return levels;
 }
 export function listThinkingLevelLabels(provider, model) {
-    if (isBinaryThinkingProvider(provider))
+    if (isBinaryThinkingProvider(provider)) {
         return ["off", "on"];
+    }
     return listThinkingLevels(provider, model);
 }
 export function formatThinkingLevels(provider, model, separator = ", ") {
@@ -65,53 +83,69 @@ export function formatThinkingLevels(provider, model, separator = ", ") {
 }
 export function formatXHighModelHint() {
     const refs = [...XHIGH_MODEL_REFS];
-    if (refs.length === 0)
+    if (refs.length === 0) {
         return "unknown model";
-    if (refs.length === 1)
+    }
+    if (refs.length === 1) {
         return refs[0];
-    if (refs.length === 2)
+    }
+    if (refs.length === 2) {
         return `${refs[0]} or ${refs[1]}`;
+    }
     return `${refs.slice(0, -1).join(", ")} or ${refs[refs.length - 1]}`;
 }
 // Normalize verbose flags used to toggle agent verbosity.
 export function normalizeVerboseLevel(raw) {
-    if (!raw)
+    if (!raw) {
         return undefined;
+    }
     const key = raw.toLowerCase();
-    if (["off", "false", "no", "0"].includes(key))
+    if (["off", "false", "no", "0"].includes(key)) {
         return "off";
-    if (["full", "all", "everything"].includes(key))
+    }
+    if (["full", "all", "everything"].includes(key)) {
         return "full";
-    if (["on", "minimal", "true", "yes", "1"].includes(key))
+    }
+    if (["on", "minimal", "true", "yes", "1"].includes(key)) {
         return "on";
+    }
     return undefined;
 }
 // Normalize system notice flags used to toggle system notifications.
 export function normalizeNoticeLevel(raw) {
-    if (!raw)
+    if (!raw) {
         return undefined;
+    }
     const key = raw.toLowerCase();
-    if (["off", "false", "no", "0"].includes(key))
+    if (["off", "false", "no", "0"].includes(key)) {
         return "off";
-    if (["full", "all", "everything"].includes(key))
+    }
+    if (["full", "all", "everything"].includes(key)) {
         return "full";
-    if (["on", "minimal", "true", "yes", "1"].includes(key))
+    }
+    if (["on", "minimal", "true", "yes", "1"].includes(key)) {
         return "on";
+    }
     return undefined;
 }
 // Normalize response-usage display modes used to toggle per-response usage footers.
 export function normalizeUsageDisplay(raw) {
-    if (!raw)
+    if (!raw) {
         return undefined;
+    }
     const key = raw.toLowerCase();
-    if (["off", "false", "no", "0", "disable", "disabled"].includes(key))
+    if (["off", "false", "no", "0", "disable", "disabled"].includes(key)) {
         return "off";
-    if (["on", "true", "yes", "1", "enable", "enabled"].includes(key))
+    }
+    if (["on", "true", "yes", "1", "enable", "enabled"].includes(key)) {
         return "tokens";
-    if (["tokens", "token", "tok", "minimal", "min"].includes(key))
+    }
+    if (["tokens", "token", "tok", "minimal", "min"].includes(key)) {
         return "tokens";
-    if (["full", "session"].includes(key))
+    }
+    if (["full", "session"].includes(key)) {
         return "full";
+    }
     return undefined;
 }
 export function resolveResponseUsageMode(raw) {
@@ -119,36 +153,47 @@ export function resolveResponseUsageMode(raw) {
 }
 // Normalize elevated flags used to toggle elevated bash permissions.
 export function normalizeElevatedLevel(raw) {
-    if (!raw)
+    if (!raw) {
         return undefined;
+    }
     const key = raw.toLowerCase();
-    if (["off", "false", "no", "0"].includes(key))
+    if (["off", "false", "no", "0"].includes(key)) {
         return "off";
-    if (["full", "auto", "auto-approve", "autoapprove"].includes(key))
+    }
+    if (["full", "auto", "auto-approve", "autoapprove"].includes(key)) {
         return "full";
-    if (["ask", "prompt", "approval", "approve"].includes(key))
+    }
+    if (["ask", "prompt", "approval", "approve"].includes(key)) {
         return "ask";
-    if (["on", "true", "yes", "1"].includes(key))
+    }
+    if (["on", "true", "yes", "1"].includes(key)) {
         return "on";
+    }
     return undefined;
 }
 export function resolveElevatedMode(level) {
-    if (!level || level === "off")
+    if (!level || level === "off") {
         return "off";
-    if (level === "full")
+    }
+    if (level === "full") {
         return "full";
+    }
     return "ask";
 }
 // Normalize reasoning visibility flags used to toggle reasoning exposure.
 export function normalizeReasoningLevel(raw) {
-    if (!raw)
+    if (!raw) {
         return undefined;
+    }
     const key = raw.toLowerCase();
-    if (["off", "false", "no", "0", "hide", "hidden", "disable", "disabled"].includes(key))
+    if (["off", "false", "no", "0", "hide", "hidden", "disable", "disabled"].includes(key)) {
         return "off";
-    if (["on", "true", "yes", "1", "show", "visible", "enable", "enabled"].includes(key))
+    }
+    if (["on", "true", "yes", "1", "show", "visible", "enable", "enabled"].includes(key)) {
         return "on";
-    if (["stream", "streaming", "draft", "live"].includes(key))
+    }
+    if (["stream", "streaming", "draft", "live"].includes(key)) {
         return "stream";
+    }
     return undefined;
 }

package/dist/browser/bridge-server.js

@@ -6,6 +6,19 @@ export async function startBrowserBridgeServer(params) {
     const port = params.port ?? 0;
     const app = express();
     app.use(express.json({ limit: "1mb" }));
+    app.use((req, res, next) => {
+        const ctrl = new AbortController();
+        const abort = () => ctrl.abort(new Error("request aborted"));
+        req.once("aborted", abort);
+        res.once("close", () => {
+            if (!res.writableEnded) {
+                abort();
+            }
+        });
+        // Make the signal available to browser route handlers (best-effort).
+        req.signal = ctrl.signal;
+        next();
+    });
     const authToken = params.authToken?.trim();
     if (authToken) {
         app.use((req, res, next) => {

package/dist/browser/cdp.helpers.js

@@ -1,30 +1,26 @@
 import WebSocket from "ws";
+import { isLoopbackHost } from "../gateway/net.js";
 import { rawDataToString } from "../infra/ws.js";
-export function isLoopbackHost(host) {
-    const h = host.trim().toLowerCase();
-    return (h === "localhost" ||
-        h === "127.0.0.1" ||
-        h === "0.0.0.0" ||
-        h === "[::1]" ||
-        h === "::1" ||
-        h === "[::]" ||
-        h === "::");
-}
+import { getChromeExtensionRelayAuthHeaders } from "./extension-relay.js";
+export { isLoopbackHost };
 export function getHeadersWithAuth(url, headers = {}) {
+    const relayHeaders = getChromeExtensionRelayAuthHeaders(url);
+    const mergedHeaders = { ...relayHeaders, ...headers };
     try {
         const parsed = new URL(url);
-        const hasAuthHeader = Object.keys(headers).some((key) => key.toLowerCase() === "authorization");
-        if (hasAuthHeader)
-            return headers;
+        const hasAuthHeader = Object.keys(mergedHeaders).some((key) => key.toLowerCase() === "authorization");
+        if (hasAuthHeader) {
+            return mergedHeaders;
+        }
         if (parsed.username || parsed.password) {
             const auth = Buffer.from(`${parsed.username}:${parsed.password}`).toString("base64");
-            return { ...headers, Authorization: `Basic ${auth}` };
+            return { ...mergedHeaders, Authorization: `Basic ${auth}` };
         }
     }
     catch {
         // ignore
     }
-    return headers;
+    return mergedHeaders;
 }
 export function appendCdpPath(cdpUrl, path) {
     const url = new URL(cdpUrl);
@@ -36,17 +32,18 @@ export function appendCdpPath(cdpUrl, path) {
 function createCdpSender(ws) {
     let nextId = 1;
     const pending = new Map();
-    const send = (method, params) => {
+    const send = (method, params, sessionId) => {
         const id = nextId++;
-        const msg = { id, method, params };
+        const msg = { id, method, params, sessionId };
         ws.send(JSON.stringify(msg));
         return new Promise((resolve, reject) => {
             pending.set(id, { resolve, reject });
         });
     };
     const closeWithError = (err) => {
-        for (const [, p] of pending)
+        for (const [, p] of pending) {
             p.reject(err);
+        }
         pending.clear();
         try {
             ws.close();
@@ -55,14 +52,19 @@ function createCdpSender(ws) {
             // ignore
         }
     };
+    ws.on("error", (err) => {
+        closeWithError(err instanceof Error ? err : new Error(String(err)));
+    });
     ws.on("message", (data) => {
         try {
             const parsed = JSON.parse(rawDataToString(data));
-            if (typeof parsed.id !== "number")
+            if (typeof parsed.id !== "number") {
                 return;
+            }
             const p = pending.get(parsed.id);
-            if (!p)
+            if (!p) {
                 return;
+            }
             pending.delete(parsed.id);
             if (parsed.error?.message) {
                 p.reject(new Error(parsed.error.message));
@@ -85,8 +87,9 @@ export async function fetchJson(url, timeoutMs = 1500, init) {
     try {
         const headers = getHeadersWithAuth(url, init?.headers || {});
         const res = await fetch(url, { ...init, headers, signal: ctrl.signal });
-        if (!res.ok)
+        if (!res.ok) {
             throw new Error(`HTTP ${res.status}`);
+        }
         return (await res.json());
     }
     finally {
@@ -99,8 +102,9 @@ export async function fetchOk(url, timeoutMs = 1500, init) {
     try {
         const headers = getHeadersWithAuth(url, init?.headers || {});
         const res = await fetch(url, { ...init, headers, signal: ctrl.signal });
-        if (!res.ok)
+        if (!res.ok) {
             throw new Error(`HTTP ${res.status}`);
+        }
     }
     finally {
         clearTimeout(t);
@@ -108,16 +112,26 @@ export async function fetchOk(url, timeoutMs = 1500, init) {
 }
 export async function withCdpSocket(wsUrl, fn, opts) {
     const headers = getHeadersWithAuth(wsUrl, opts?.headers ?? {});
+    const handshakeTimeoutMs = typeof opts?.handshakeTimeoutMs === "number" && Number.isFinite(opts.handshakeTimeoutMs)
+        ? Math.max(1, Math.floor(opts.handshakeTimeoutMs))
+        : 5000;
     const ws = new WebSocket(wsUrl, {
-        handshakeTimeout: 5000,
+        handshakeTimeout: handshakeTimeoutMs,
         ...(Object.keys(headers).length ? { headers } : {}),
     });
     const { send, closeWithError } = createCdpSender(ws);
     const openPromise = new Promise((resolve, reject) => {
         ws.once("open", () => resolve());
         ws.once("error", (err) => reject(err));
+        ws.once("close", () => reject(new Error("CDP socket closed")));
     });
-    await openPromise;
+    try {
+        await openPromise;
+    }
+    catch (err) {
+        closeWithError(err instanceof Error ? err : new Error(String(err)));
+        throw err;
+    }
     try {
         return await fn(send);
     }